General discussion


2 Networks

By Curacao_Dejavu ·
This is my first experience with 2 networks and I would like to have your input on this.

On the lan side 192.168.30.x which has pc's and printers.
On the dmz side 192.168.40.x containing the AD, exchange and 2 Terminal Servers (TS).
There is also a router that connects the 2 networks.

a: I am able to ping from one network to the other.
b: I am not able to access shared resources of a network from the other network. (can you explain why ?)
c: I have yet to try if a pc can join the domain and AD from the 30.x network.
(I am not sure if this will work)

items b and c are the most important to me at the moment.

Is there a way that I can make this work ?

Also if this does not work I want to go back to a flat network,
but then I have one more item to consider.
Some of the pc's need to make vpn connections to the internet. Currently I am using winroute 5 for this, but if I add a hardware firewall in front of winroute (pc-winroute-hw firewall) will they still be able to make the vpn connections ?



the more input I receive the better.

All Comments

by razz2 In reply to 2 Networks

Some extra info would help with the answer. Then I will guess after this:

What are the subnet masks being used for both subnets?

What is the router and is it just a router or some router/firewall with a DMZ port (I am guessing NOT a firewall since you use Winroute)?

Why are you putting AD in a DMZ!?!

That said, I would guess you are pinging by ip but trying to access resource shares by name. Try access to a resource by ip:

On a PC in subnet 1 try using start menu --> run:

Type "\\ServerIpAddress\ShareName\" (without the quotes)

If that opens the folder then the issue is name resolution. What are the PC's using for DNS? Is the DNS server internal and does it have both subnets? If that is it then fix DNS name resolution and joining AD will not be a problem.

The VPN is not an issue as any good firewall would allow you VPN passthrough and if not the ability to open needed ports.

Good Luck,


by Curacao_Dejavu In reply to 2 Networks

both subnets are

the firewall is a hardware firewall

exchange needs the AD in the same segment, so that's the reason they are both together.

it does not matter if I try to access the resource by ip or by name, i can not connect anyway.

for the moment the pc's are using an outside dns server to resolve external ip address (in order to browse).


by keebmachine In reply to 2 Networks

Make sure that you have the correct ports open on the router so that the message traffic can flow to and from the client computers and servers.
Please click the link below for further explanation.
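
Added example, not part of the thread or any poster's code: a check that separates the two causes raised in the replies above, name resolution (razz2) and ports blocked at the router (keebmachine), by testing TCP reachability per service instead of relying on ping. The port list is the well-known set for DNS, Kerberos, RPC, NetBIOS, LDAP and SMB and is not taken from the thread; the server name and address are hypothetical.

```python
import socket

# Well-known TCP ports for Windows file sharing and domain join
# (assumption: this list is not from the thread).
PORTS = {"DNS": 53, "Kerberos": 88, "RPC endpoint mapper": 135,
         "NetBIOS session": 139, "LDAP": 389, "SMB": 445}

def tcp_probe(ip, port, timeout=2.0):
    """Return 'open', 'refused' (host answered, nothing listening) or
    'filtered' (no answer, typically a router or firewall rule dropping it)."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except OSError:  # timeout, host or network unreachable
        return "filtered"

def resolve(name):
    """Return the IPv4 address the client's resolver gives, or None."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def diagnose(name, ip, resolver=resolve, probe=tcp_probe):
    """List findings that separate name-resolution failure from per-port blocking."""
    findings = []
    resolved = resolver(name)
    if resolved is None:
        findings.append(f"name resolution: {name} does not resolve (check client DNS)")
    elif resolved != ip:
        findings.append(f"name resolution: {name} -> {resolved}, expected {ip}")
    for service, port in PORTS.items():
        state = probe(ip, port)
        if state != "open":
            findings.append(f"{service} tcp/{port}: {state}")
    return findings

if __name__ == "__main__":
    # Constructed sample: hypothetical server in the thread's 192.168.40.x segment.
    for line in diagnose("dc01.example.local", "192.168.40.10") or ["all checks passed"]:
        print(line)
```

A successful ping only shows that ICMP is routed; "filtered" on tcp/445 or tcp/139 with ping working points at a router or firewall rule, while "refused" points at the server itself.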

by Curacao_Dejavu In reply to

The ports are open, I have a kb article with all ports that the windows system uses for all the services.

by Curacao_Dejavu In reply to 2 Networks

This question was closed by the author
